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The MAILING DATE of this communication appears on the cover sheet with the correspondence address « 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

I )S Responsive to communication(s) filed on 27 October 2000 . 
2a)D This action is FINAL. 2b)K This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-40 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-40 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10)^3 The drawing(s) filed on is/are: a)S accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d)or (f). 
a)D All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . This action is responsive to communication: original application filed 
27 October 2000, with acknowledgement of continuing date 28 October 1999. 

2. Claims 1-40 are currently pending in this application. Claims 1, 2, 3, 9, 15, 21, 27, 28, 
29, and 35 are independent claims. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language 

4. Claims 1-5, 9-11, 15-17, 21-23, 27-31, 33, and 35-37 are rejected under 35 
U.S.C. 102(e) as being anticipated by Borella et al. U.S. Patent No. 6,697,354 
(hereinafter '354). 

As to independent claim 1, "A method comprising: performing, at a client, 
to outgoing packets" is taught in '354 col. 6, lines 3-8; 

"having the client's private source IP address and generalized port number 
(GPN) and a protocol not directly supported by a network address translator 
(NAT) at which the client's private source IP address and GPN are translated to a 
NAT'S global source IP address and GPN, respectively, the functions of an 
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Application Layer Gateway (ALG) that need to be implemented in association with 
the NATS translations" is shown in '354 col. 3 line 64 through col. 4, line 15. 

As to independent claim 2, "A method comprising: performing, at a client, 
to incoming packets" is disclosed in '354 col. 6, lines 3-8; 

"sent to a network address translator's (NAT's) global destination IP address and 
generalized pod number (GPN) and having a protocol not directly suppoded by the NAT at 
which the NAT'S global destination IP address and GPN are translated to the client's 
private destination IP address and GPN, respectively, the functions of an Application 
Layer Gateway (ALG) that need to be implemented in association with the NAT'S 
translations" is taught in '354 col. 3 line 64 through col. 4, line 15. 

As to independent claim 3, this claim incorporates the methods of claim 1 and 
2 and is therefore rejected along the same rationale. 

As to dependent claim 4, "wherein modifying the packets comprises 
modifying a TCP or UDP checksum in a packet's TCP or UDP header to account 
for the IP address and TCP or UDP source port number translations" is shown in 
*354 col. 10, lines 49-56. 

As to dependent claim 5, "wherein modifying the checksum comprises 
adding to the TCP or UDP checksum the difference between the global and 
private source IP addresses, and the difference between global and private TCP 
or UDP source port numbers" is disclosed in '354 col. 13, line 1 through 38. 

As to independent claim 9, this claim contains substantially similar subject 
matter as cited in claim 3 and is rejected along the same rationale. 
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As to dependent claims 10 and 11 these claim contains substantially similar 
subject matter as cited in claims 4 and 5 above and are rejected along the same 
rationale. 

As to independent claim 15, this claim is directed to the apparatus of method of 
claim 3 and is rejected along the same rationale. 

As to dependent claims 16 and 17 these claim contains substantially similar 
subject matter as cited in claims 4 and 5 above and are rejected along the same 
rationale. 

As to independent claim 21, this claim is directed to the apparatus of method of 
claim 9 and is rejected along the same rationale. 

As to dependent claims 22 and 23 these claim contains substantially similar 
subject matter as cited in claims 4 and 5 above and are rejected along the same 
rationale. 

As to independent claims 27 and 28, these claims are directed to the 
apparatus of method of claims 1 and 9 and are rejected along the same rationale. 

As to independent claim 29, this claim is directed to a computer readable 
medium of method 3 and is rejected along the same rationale. 

As to dependent claims 30 and 31 these claim contains substantially similar 
subject matter as cited in claims 4 and 5 above and are rejected along the same 
rationale. 
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As to dependent claim 33, "wherein the method further comprises 
processing any necessary Application Layer Protocol (ALG)" is taught in '354 col. 
8, lines 14-20. 

As to independent claim 35, this claim is directed to a computer readable 
medium of method 9 and is rejected along the same rationale. 

As to dependent claims 36 and 37 these claim contains substantially similar subject 
matter as cited in claims 4 and 5 above and are rejected along the same rationale. 

Claim Rejections - 35 USC§103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 6-8, 12-14, 18-20, 24-26, 32, 34, and 38-40 are rejected under 35 
U.S.C. 103(a) as being unpatentable over '354 as applied to claims 1, 9, 15, 21, 29 and 
35 in further view of Nessett et al., U.S. Patent No. 6,055,236 (hereinafter '236). 

As to dependent claim 6, "and adding to a TCP or UDP checksum in a 
packet's TCP or UDP header, the difference between the global and private 
source IP addresses, and the difference between global and private TCP or UDP 
source port numbers" is taught in '354 col. 13, line 1 through 38 "Method 140 (FIG. 10) is 
illustrated with a specific example using TCP 58/EP 48 layer from layered protocol stack 42 . . . 
however, other protocol layer in layered protocol stack 42, could also be used .Table 3 
illustrates an exemplary data packet with an outer IP 48 header added for router 26"; 
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the following is not taught in '354: 

"wherein the protocol is an authenticating and/or encrypting-decrypting AH 
or ESP IPSec security protocol in a tunnel or a transport mode, and modifying the 
packets comprises: before authentication and/or encryption, in the transport 
mode, replacing the client's source port number with a global port number, or in 
the tunnel mode, replacing an encapsulated client's source IP address and port 
number by the NAT'S global IP address and port number" however '236 teaches 
"The IPsec services can be applied in one of two modes , a "transport mode" or a 
"tunnel mode ... As is known in the art, a virtual tunnel can be created by encapsulating 
a data packet inside another data packet. For example, an outer header is added 
before an inner header of data packet (e.g., Tables 3, 5, 8, and 1 1 ). Between the inner 
header and outer headers are any other header for a data path, or security" in col. 22, 
line 1 through col. 23, line 64. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify dynamic network translation taught in '236 to include a means to 
maintain establish secure internet sessions. One of ordinary skill in the art would have 
been motivated to perform such a modification to increase user flexibility and 
accommodate IP protocols IPv4 and IPv6 see '236 (col. 4, lines 59 et seq.) "Thus, it is 
desirable to allow an external network device to locate and/or communicate with 
services on internal network devices on a stub network using Distributed Network 
Address Translation ... using Internet Protocol security and other security protocol". 
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As to dependent claim 7, "further comprising processing any necessary 
Application Layer Protocol (ALG)" is taught in '354 col. 8, lines 14-20 "Above 
transmission layer 56 is an application layer 62 ... more or fewer protocol layers can 
also be used in protocol stack 42". 

As to dependent claim 8, "further comprising, for the AH protocol, 
computing each packet's authentication data as if the source IP address were 
equal to the NAT'S global IP address" is shown in '236 col. 21, lines 1-67 "There are 
a number of security measures that can be used with IP 48 ... IPsec typically defines 
two security services, each having an associated header that is added to an IP 48 
packet data that it protects." 

As to dependent claims 12-14, 18-20, 24-26, 32, 34, and 38-40 these claims 
contain substantially similar subject matter as cited in claims 5-8 above and are rejected 
along the same rationale. 
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Conclusion 



7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(703) 305-8917. The examiner can normally be reached on 6:30 am to 3:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (703) 308-4789. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 306-5484. 




Ellen Tran, 
Patent Examiner 
Technology Center 2134 
10 June 2004 



